| author | 崔一鸣 <[email protected]> | 2018-11-28 21:16:03 +0800 |
|---|---|---|
| committer | 崔一鸣 <[email protected]> | 2018-11-28 21:16:03 +0800 |
| commit | 51f6d0c17cd7885607302433780aa456676dd0ff (patch) | |
| tree | 0e50994372ea34a3c3dc7b74a8a17cd1ff096c09 /access | |
| parent | eaab1f2770dbda848a01f31c631961a016526bf8 (diff) | |
增加snat,dnat超时淘汰
Diffstat (limited to 'access')
| -rw-r--r-- | access/include/ip_mgr.h | 4 | ||||
| -rw-r--r-- | access/include/nat.h | 4 | ||||
| -rw-r--r-- | access/src/ip_mgr.cpp | 44 | ||||
| -rw-r--r-- | access/src/main.cpp | 42 | ||||
| -rw-r--r-- | access/src/nat.cpp | 203 | ||||
| -rw-r--r-- | access/src/udp_server.cpp | 1 | ||||
| -rw-r--r-- | access/src/vpn_monitor.cpp | 2 |
7 files changed, 136 insertions, 164 deletions
diff --git a/access/include/ip_mgr.h b/access/include/ip_mgr.h index 8b75e59..7b2f9f7 100644 --- a/access/include/ip_mgr.h +++ b/access/include/ip_mgr.h @@ -28,7 +28,7 @@ struct ip_mgr_vxlan_info }; struct ip_mgr_handle; -struct ip_mgr_handle *ip_mgr_init(MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, - Maat_feather_t feather, struct htable_opts* opts, void *logger); +struct ip_mgr_handle *ip_mgr_init(const char *profile, MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, + Maat_feather_t feather, void *logger); void ip_mgr_destroy(struct ip_mgr_handle *handle); int ip_mgr_candidata_ip_get(struct ip_mgr_handle *handle, const char *user_name, uint32_t *selected_ip);
\ No newline at end of file diff --git a/access/include/nat.h b/access/include/nat.h index b97764b..5df0104 100644 --- a/access/include/nat.h +++ b/access/include/nat.h @@ -2,8 +2,8 @@ #define NAT_COVERT_FAILURE 0 struct nat_handle; -struct nat_handle * nat_init(MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, - struct field_stat_handle *fs_handle, struct htable_opts* opts, void *logger); +struct nat_handle * nat_init(const char *profile, MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, + struct field_stat_handle *fs_handle, void *logger); void nat_destroy(struct nat_handle *handle); int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_handle, char *buff, int len, struct ip_mgr_vxlan_info **vxlan_info, uint32_t *mrl_ip); int nat_dest_convert(struct nat_handle *handle, char *buff, int len);
\ No newline at end of file diff --git a/access/src/ip_mgr.cpp b/access/src/ip_mgr.cpp index 622e333..020a882 100644 --- a/access/src/ip_mgr.cpp +++ b/access/src/ip_mgr.cpp @@ -84,7 +84,7 @@ int ip_mgr_candidata_ip_get(struct ip_mgr_handle *handle, const char *user_name, } } -static void user_info_htable_data_free_cb(void *data) +static void user_policy_htable_data_free_cb(void *data) { FREE(&data); } @@ -145,13 +145,16 @@ static void Maat_user_policy_update_cb(int table_id, const char* table_line, voi { //add user_policy_htable int rtn = MESA_htable_add(handle->user_policy_htable, (const unsigned char *)user_name, key_size, value); - if(rtn < 0) + if(rtn < 0 && rtn != MESA_HTABLE_RET_DUP_ITEM) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at add, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at add, table is %s, user_name is %s, group_id is %d, rtn is %d", "user_policy_htable", user_name, group_id, rtn); return; } - MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at add, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); - FS_operate(fs_handle->handle, fs_handle->line_user_policy, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + if(rtn >= 0) + { + MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at add, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); + FS_operate(fs_handle->handle, fs_handle->line_user_policy, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + } } else { 
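Review bot: When `MESA_htable_add` returns `MESA_HTABLE_RET_DUP_ITEM` in the add branch of Maat_user_policy_update_cb, the code now falls through with no log and without replacing the stored entry. A policy update for a user already in `user_policy_htable` therefore appears to be dropped silently, leaving the user on the old group. `value` is allocated outside this hunk; if the table does not take ownership on a duplicate, it is also leaked on this path. Consider an explicit branch such as `else if(rtn == MESA_HTABLE_RET_DUP_ITEM) { MGW_LOG_INFO(handle->logger, "user_policy_htable: duplicate user_name %s, update ignored", user_name); FREE(&value); }`, or delete-then-add if the new group is meant to take effect. The same pattern is added for `cand_ip_detail_htable` in Maat_cand_ip_update_cb (hunk at -271,13).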
@@ -159,7 +162,7 @@ static void Maat_user_policy_update_cb(int table_id, const char* table_line, voi int rtn = MESA_htable_del(handle->user_policy_htable, (const unsigned char *)user_name, key_size, NULL); if(rtn < 0) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, user_name is %s, group_id is %d, rtn is %d", "user_policy_htable", user_name, group_id, rtn); return; } MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, user_name is %s, group_id is %d", "user_policy_htable", user_name, group_id); @@ -234,7 +237,7 @@ static void Maat_cand_ip_update_cb(int table_id, const char* table_line, void* a int rtn = MESA_htable_add(handle->cand_ip_group_htable, (const unsigned char *)&group_id, sizeof(group_id), (void *)ip_group); if(rtn < 0) { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, group_id is %d, errno is %d", "cand_ip_group_htable", group_id, rtn); + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, group_id is %d, rtn is %d", "cand_ip_group_htable", group_id, rtn); return; } MGW_LOG_INFO(logger, "MESA_htable: Succeed at add, table is %s, group_id is %d", "cand_ip_group_htable", group_id); 
@@ -271,13 +274,16 @@ static void Maat_cand_ip_update_cb(int table_id, const char* table_line, void* a //add to cand_ip_detail_htable int rtn = MESA_htable_add(handle->cand_ip_detail_htable, (const unsigned char *)&ip, sizeof(ip), (void *)_cand_ip); - if(rtn < 0) + if(rtn < 0 && rtn != MESA_HTABLE_RET_DUP_ITEM) { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, ip is %s, rtn is %d", "cand_ip_detail_htable", rtn); return; } - MGW_LOG_INFO(logger, "MESA_htable: Succeed at add, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + if(rtn >= 0) + { + MGW_LOG_INFO(logger, "MESA_htable: Succeed at add, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_element_num, FS_OP_ADD, 1); + } } else { @@ -313,10 +319,10 @@ static void Maat_cand_ip_update_cb(int table_id, const char* table_line, void* a rtn = MESA_htable_del(handle->cand_ip_detail_htable, (const unsigned char *)(&ip), sizeof(ip), NULL); if(rtn < 0) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, table is %s, ip is %s, rtn is %d", "cand_ip_detail_htable", ip_addr, rtn); return; } - MGW_LOG_ERROR(handle->logger, "MESA_htable: Succeed at del, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); + MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, ip is %s", "cand_ip_detail_htable", ip_addr); FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_element_num, FS_OP_ADD, -1); } return; 
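Review bot: The rewritten error log in the `cand_ip_detail_htable` add path has three conversions but only two arguments. The call `"... table is %s, ip is %s, rtn is %d", "cand_ip_detail_htable", rtn` drops `ip_addr`, so the second `%s` receives the integer `rtn` and `%d` reads an argument that was never passed. That is undefined behaviour on the failure path itself, and it can crash the Maat callback thread or write unrelated memory into the log. Restore the argument: `MGW_LOG_ERROR(logger, "MESA_htable: Failed at add, table is %s, ip is %s, rtn is %d", "cand_ip_detail_htable", ip_addr, rtn);`. If MGW_LOG_ERROR is a variadic wrapper, declaring it with a printf format attribute would let `-Wformat` catch this class of mistake.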
@@ -350,7 +356,7 @@ static int Maat_plugin_register(Maat_feather_t feather, const char* table_name, table_id = Maat_table_register(feather, table_name); if(table_id == -1) { - MGW_LOG_ERROR(logger, "Maat_redis: database table %s register failed", table_name); + MGW_LOG_ERROR(logger, "Maat_redis: Failed at register table %s", table_name); return -1; } else @@ -358,7 +364,7 @@ static int Maat_plugin_register(Maat_feather_t feather, const char* table_name, ret = Maat_table_callback_register(feather, table_id, start, update, finish, (void *)handle); if(ret < 0) { - MGW_LOG_ERROR(logger, "Maat_redis: callback register table %s error", table_name); + MGW_LOG_ERROR(logger, "Maat_redis: Failed to register callback of table %s", table_name); return -1; } } 
@@ -366,16 +372,16 @@ static int Maat_plugin_register(Maat_feather_t feather, const char* table_name, } -struct ip_mgr_handle *ip_mgr_init(MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, - Maat_feather_t feather, struct htable_opts* opts, void *logger) +struct ip_mgr_handle *ip_mgr_init(const char *profile, MESA_htable_handle cand_ip_detail_htable, struct field_stat_handle *fs_handle, + Maat_feather_t feather, void *logger) { struct ip_mgr_handle *handle = ALLOC(struct ip_mgr_handle, 1); handle->logger = logger; handle->feather = feather; handle->fs_handle = fs_handle; handle->cand_ip_detail_htable = cand_ip_detail_htable; - handle->user_policy_htable = mgw_utils_create_htable("user_info_htable", opts, (void *)user_info_htable_data_free_cb, NULL); - handle->cand_ip_group_htable = mgw_utils_create_htable("cand_ip_group_htable", opts, (void *)cand_ip_group_htable_data_free_cb, NULL); + handle->user_policy_htable = mgw_utils_create_htable(profile, "user_policy_htable", (void *)user_policy_htable_data_free_cb, NULL, logger); + handle->cand_ip_group_htable = mgw_utils_create_htable(profile, "cand_ip_group_htable", (void *)cand_ip_group_htable_data_free_cb, NULL, logger); int rtn = Maat_plugin_register(feather, "IR_POLICY", Maat_user_policy_start_cb, Maat_user_policy_update_cb, Maat_user_policy_finish_cb, handle); if(rtn == -1) { diff --git a/access/src/main.cpp b/access/src/main.cpp index 15d37f8..3ccd966 100644 --- a/access/src/main.cpp +++ b/access/src/main.cpp @@ -19,7 +19,6 @@ struct mgw_handle void* logger; char *profile; Maat_feather_t Maat_feather; - struct htable_opts *htable_opts_s; struct mgw_tun_handle *mgw_tun_handle_s; struct nat_handle *nat_handle_s; struct ip_mgr_handle *ip_mgr_handle_s; 
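Review bot: ip_mgr_init stores the results of both `mgw_utils_create_htable(profile, ...)` calls and goes straight on to `Maat_plugin_register` without checking either for NULL. main.cpp exits when `cand_ip_detail_htable == NULL`, so the helper can evidently fail. Table options are now read from the profile for each table, so a bad or missing section would leave `user_policy_htable` or `cand_ip_group_htable` NULL, to be dereferenced later in the Maat callbacks. Add a guard after the two calls, e.g. `if(handle->user_policy_htable == NULL || handle->cand_ip_group_htable == NULL) { MGW_LOG_ERROR(logger, "Failed at create ip_mgr htables"); FREE(&handle); return NULL; }`. nat_init in nat.cpp has the same gap for `snat_htable` and `dnat_htable`.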
@@ -34,7 +33,7 @@ static void wrapped_Maat_set_feather_opt(void *logger, Maat_feather_t feather, e int rtn = Maat_set_feather_opt(feather, type, value, size); if(unlikely(rtn < 0)) { - MGW_LOG_ERROR(logger, "Failed at Maat_set_feather_opt, type is %d", type); + MGW_LOG_ERROR(logger, "Failed at Maat_set_feather_opt, type is %d, rtn is %d", type, rtn); exit(EXIT_FAILURE); } } @@ -53,7 +52,8 @@ static Maat_feather_t Maat_init(const char *profile, void *logger) MESA_load_profile_string_def(profile, section, "Maat_redis_ip", Maat_redis_ip, sizeof(Maat_redis_ip), "127.0.0.1"); MESA_load_profile_int_def(profile, section, "Maat_redis_port", &Maat_redis_port, 6379); MESA_load_profile_string_def(profile, section, "stat_file_path", stat_file_path, sizeof(stat_file_path), "./log/Maat_stat.log"); - MGW_LOG_INFO(logger, "MESA_prof_load, [%s]:\n table_info_path: %s\n max_thread_num: %d\n Maat_redis_ip: %s\n Maat_redis_port: %d\n stat_file_path: %s", "Maat", table_info_path, max_thread_num, Maat_redis_ip, Maat_redis_port, stat_file_path); + MGW_LOG_INFO(logger, "MESA_prof_load, [%s]:\n table_info_path: %s\n max_thread_num: %d\n Maat_redis_ip: %s\n Maat_redis_port: %d\n stat_file_path: %s", "Maat", + table_info_path, max_thread_num, Maat_redis_ip, Maat_redis_port, stat_file_path); // init Maat Maat_feather_t feather = NULL; feather = Maat_feather(max_thread_num, table_info_path, logger); 
@@ -81,20 +81,6 @@ static Maat_feather_t Maat_init(const char *profile, void *logger) return feather; } -static struct htable_opts * htable_opt_init(const char* profile, void *logger) -{ - struct htable_opts* _htable_opts = ALLOC(struct htable_opts, 1); - const char *section = "htable_opt"; - MESA_load_profile_int_def(profile, section, "mho_screen_print_ctrl", &(_htable_opts->mho_screen_print_ctrl), 0); - MESA_load_profile_int_def(profile, section, "mho_thread_safe", &(_htable_opts->mho_thread_safe), 1); - MESA_load_profile_int_def(profile, section, "mho_mutex_num", &(_htable_opts->mho_mutex_num), 16); - MESA_load_profile_int_def(profile, section, "mho_hash_slot_size", &(_htable_opts->mho_hash_slot_size), 16000); - MESA_load_profile_int_def(profile, section, "mho_expire_time", &(_htable_opts->mho_expire_time), 0); - MGW_LOG_INFO(logger, "MESA_prof_load, [%s]:\n mho_screen_print_ctrl: %d\n mho_thread_safe: %d\n mho_mutex_num: %d\n mho_hash_slot_size: %d\n mho_expire_time: %d", - "htable_opt", _htable_opts->mho_screen_print_ctrl, _htable_opts->mho_thread_safe, _htable_opts->mho_mutex_num, _htable_opts->mho_hash_slot_size, _htable_opts->mho_expire_time); - return _htable_opts; -} - static void ip2user_htable_data_free_cb(void *data) { FREE(&data); @@ -286,10 +272,6 @@ static struct mgw_handle * mgw_init() _mgw_handle->logger = logger; _mgw_handle->profile = (char *)profile; - //init htable_opt - struct htable_opts * _htable_opts = htable_opt_init(profile, logger); - _mgw_handle->htable_opts_s = _htable_opts; - //init feild_stat struct field_stat_handle *fs_handle = fs_init(profile, logger); _mgw_handle->fs_handle = fs_handle; 
@@ -302,14 +284,14 @@ static struct mgw_handle * mgw_init() _mgw_handle->mgw_tun_handle_s = mgw_tun_init("tun_mgw", logger); //init ip_mgr - MESA_htable_handle cand_ip_detail_htable = mgw_utils_create_htable("cand_ip_detail_htable", _mgw_handle->htable_opts_s, (void *)cand_ip_detail_htable_data_free_cb, NULL); + MESA_htable_handle cand_ip_detail_htable = mgw_utils_create_htable(profile, "cand_ip_detail_htable", (void *)cand_ip_detail_htable_data_free_cb, NULL, logger); if(cand_ip_detail_htable == NULL) { MGW_LOG_ERROR(logger, "Failed at create cand_ip_detail_htable"); exit(EXIT_FAILURE); } _mgw_handle->cand_ip_detail_htable = cand_ip_detail_htable; - struct ip_mgr_handle * _ip_mgr_handle = ip_mgr_init(cand_ip_detail_htable, fs_handle, Maat_feather, _htable_opts, logger); + struct ip_mgr_handle * _ip_mgr_handle = ip_mgr_init(profile, cand_ip_detail_htable, fs_handle, Maat_feather, logger); if(unlikely(_ip_mgr_handle == NULL)) { MGW_LOG_ERROR(logger, "Failed at init_ip_mgr"); @@ -319,14 +301,14 @@ static struct mgw_handle * mgw_init() //init nat - MESA_htable_handle ip2user_htable = mgw_utils_create_htable("ip2user_htable", _mgw_handle->htable_opts_s, (void *)ip2user_htable_data_free_cb, NULL); + MESA_htable_handle ip2user_htable = mgw_utils_create_htable(profile, "ip2user_htable", (void *)ip2user_htable_data_free_cb, NULL, logger); if(ip2user_htable == NULL) { MGW_LOG_ERROR(logger, "Failed at create ip2user_htable"); exit(EXIT_FAILURE); } _mgw_handle->ip2user_htable = ip2user_htable; - _mgw_handle->nat_handle_s = nat_init(ip2user_htable, cand_ip_detail_htable, fs_handle, _htable_opts, logger); + _mgw_handle->nat_handle_s = nat_init(profile, ip2user_htable, cand_ip_detail_htable, fs_handle, logger); //create thread_vpn_monitor 
@@ -368,7 +350,6 @@ static void mgw_destroy(struct mgw_handle *handle) { MESA_destroy_runtime_log_handle(handle->logger); FREE(&handle->profile); - FREE(&handle->htable_opts_s); Maat_burn_feather(handle->Maat_feather); MESA_htable_destroy(handle->cand_ip_detail_htable, NULL); MESA_htable_destroy(handle->ip2user_htable, NULL); @@ -377,6 +358,7 @@ static void mgw_destroy(struct mgw_handle *handle) ip_mgr_destroy(handle->ip_mgr_handle_s); FREE(&handle->udp_client_handle_s); FS_stop(&handle->fs_handle->handle); + FREE(&handle->fs_handle); FREE(&handle); } @@ -404,6 +386,10 @@ static void mgw_run(struct mgw_handle *handle) sleep(10); struct timespec start_time, end_time; struct field_stat_handle *fs_handle = handle->fs_handle; + //for test + //struct timespec _start_time; + //clock_gettime(CLOCK_MONOTONIC, &_start_time); + while(1) { @@ -428,6 +414,10 @@ static void mgw_run(struct mgw_handle *handle) long long cost_time; cost_time = (end_time.tv_sec - start_time.tv_sec) * 1000000 + (end_time.tv_nsec - start_time.tv_nsec) / 1000; FS_operate(fs_handle->handle, fs_handle->snat_latency, 0, FS_OP_SET, cost_time); + + //for test + //if(end_time.tv_sec - _start_time.tv_sec > 60) + //break; } } diff --git a/access/src/nat.cpp b/access/src/nat.cpp index d558e0b..296c02f 100644 --- a/access/src/nat.cpp +++ b/access/src/nat.cpp @@ -7,7 +7,6 @@ struct nat_handle { void *logger; - struct htable_opts* htable_opts_s; MESA_htable_handle ip2user_htable; // should be thread-safe MESA_htable_handle snat_htable; MESA_htable_handle dnat_htable; @@ -16,6 +15,8 @@ struct nat_handle int access_id; }; +struct field_stat_handle *g_fs_handle; + struct session { uint32_t sip; 
@@ -189,27 +190,31 @@ static int packet_dest_replace(const char *buff, int len, struct ip_port_pair *p static void snat_htable_data_free_cb(void *data) { + //printf("call snat_htable_data_free_cb\n"); + FS_operate(g_fs_handle->handle, g_fs_handle->line_snat, g_fs_handle->cloumn_element_num, FS_OP_ADD, -1); FREE(&data); } static void dnat_htable_data_free_cb(void *data) { + //printf("call dnat_htable_data_free_cb\n"); + FS_operate(g_fs_handle->handle, g_fs_handle->line_dnat, g_fs_handle->cloumn_element_num, FS_OP_ADD, -1); FREE(&data); } -struct nat_handle * nat_init(MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, - struct field_stat_handle *fs_handle, struct htable_opts* opts, void *logger) +struct nat_handle * nat_init(const char *profile, MESA_htable_handle ip2user_htable, MESA_htable_handle cand_ip_detail_htable, + struct field_stat_handle *fs_handle, void *logger) { struct nat_handle *handle = ALLOC(struct nat_handle, 1); handle->logger = logger; handle->fs_handle = fs_handle; handle->ip2user_htable = ip2user_htable; handle->cand_ip_detail_htable = cand_ip_detail_htable; - handle->htable_opts_s = opts; - handle->snat_htable = mgw_utils_create_htable("snat_htable", opts, (void *)snat_htable_data_free_cb, NULL); - handle->dnat_htable = mgw_utils_create_htable("dnat_htable", opts, (void *)dnat_htable_data_free_cb, NULL); + handle->snat_htable = mgw_utils_create_htable(profile, "snat_htable", (void *)snat_htable_data_free_cb, NULL, logger); + handle->dnat_htable = mgw_utils_create_htable(profile, "dnat_htable", (void *)dnat_htable_data_free_cb, NULL, logger); handle->access_id = 0; + g_fs_handle = fs_handle; return handle; } 
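Review bot: Both free callbacks now dereference the file-level `g_fs_handle` unconditionally, and that pointer is only valid between nat_init and the `FREE(&handle->fs_handle)` that this commit adds to mgw_destroy. If either table frees an entry outside that window, the callback reads a NULL or dangling pointer. That could happen through an expiry sweep on another thread, or through a table that is destroyed after `fs_handle`; the nat_destroy ordering is not visible here. The global is also declared without `static` in the earlier hunk, so it has external linkage for no visible reason. Suggest `static struct field_stat_handle *g_fs_handle = NULL;`, a guard `if(g_fs_handle != NULL)` around the `FS_operate` call in each callback, and clearing the pointer in nat_destroy before the stats handle is freed. The commented-out `printf` lines can be dropped.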
@@ -252,6 +257,24 @@ static long dnat_htable_query_cb(void *data, const uchar *key, uint size, void * } } +/* +static long dnat_htable_query_cb(void *data, const uchar *key, uint size, void *user_arg) +{ + struct ip_port_pair *pair = (struct ip_port_pair *)user_arg; + if(data != NULL) + { + struct ip_port_pair *_data = (struct ip_port_pair *)data; + pair->ip = _data->ip; + pair->port = _data->port; + return HTABLE_KEY_EXISTED; + } + else + { + return HTABLE_KEY_NOT_EXISTED; + } +} +*/ + static uint16_t get_candidate_port(int access_id, struct session *sess, uint32_t cand_ip) { u_int16_t random = mgw_utils_get_random(64); @@ -267,7 +290,8 @@ static uint16_t get_candidate_port(int access_id, struct session *sess, uint32_t return htons(port); } -static struct ip_port_pair * snat_pair_get(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_handle, const char *user_name, +//get snat_value, if succeed, has already added to dnat_htable +static struct ip_port_pair * snat_value_get(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_handle, const char *user_name, struct session *snat_key, struct ip_mgr_vxlan_info **vxlan_info, uint32_t *mrl_ip) { struct field_stat_handle *fs_handle = handle->fs_handle; @@ -277,7 +301,15 @@ static struct ip_port_pair * snat_pair_get(struct nat_handle *handle, struct ip_ dnat_key->sip = snat_key->dip; dnat_key->sport = snat_key->dport; dnat_key->proto = snat_key->proto; - struct ip_port_pair *pair = ALLOC(struct ip_port_pair, 1); + struct ip_port_pair *snat_value = ALLOC(struct ip_port_pair, 1); + struct ip_port_pair *dnat_value = ALLOC(struct ip_port_pair, 1); + dnat_value->ip = snat_key->sip; + dnat_value->port = snat_key->sport; + char dnat_key_sip[MGW_SYMBOL_MAX]; + char dnat_key_dip[MGW_SYMBOL_MAX]; + char dnat_value_ip[MGW_SYMBOL_MAX]; + mgw_utils_inet_ntoa(dnat_key->sip, dnat_key_sip); + mgw_utils_inet_ntoa(dnat_value->ip, dnat_value_ip); for(int i = 0; i < retry_times; i++) { uint32_t cand_ip; 
@@ -286,52 +318,59 @@ static struct ip_port_pair * snat_pair_get(struct nat_handle *handle, struct ip_ { MGW_LOG_INFO(logger, "Failed to find ip and port, user_name is %s", user_name); FREE(&dnat_key); - FREE(&pair); + FREE(&dnat_value); + FREE(&snat_value); return NULL; } u_int16_t port = get_candidate_port(handle->access_id, snat_key, cand_ip); - - //for test - //port = snat_key->sport; dnat_key->dip = cand_ip; dnat_key->dport = port; - long dnat_cb_rtn = -1; - MESA_htable_search_cb(handle->dnat_htable, (const unsigned char *)(dnat_key), sizeof(struct session), dnat_htable_query_cb, (void *)(pair), &dnat_cb_rtn); - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_queyr_num, FS_OP_ADD, 1); - if(dnat_cb_rtn == HTABLE_KEY_EXISTED) + snat_value->ip = cand_ip; + snat_value->port = port; + mgw_utils_inet_ntoa(dnat_key->dip, dnat_key_dip); + // check if cand_ip is still valid + struct ip_mgr_cand_ip_detail *cand_ip_detail = NULL; + cand_ip_detail = (struct ip_mgr_cand_ip_detail *)MESA_htable_search(handle->cand_ip_detail_htable, (const unsigned char *)(&cand_ip), sizeof(cand_ip)); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_queyr_num, FS_OP_ADD, 1); + char _ip[MGW_SYMBOL_MAX]; + if(cand_ip_detail == NULL) { - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); - MGW_LOG_INFO(logger, "Select ip and port conflict, retry times is %d", i); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); + mgw_utils_inet_ntoa(cand_ip, _ip); + MGW_LOG_ERROR(logger, "MESA_htable: table is %s, key %s not existed", "cand_ip_detail_htable", _ip); continue; } - else + MGW_LOG_INFO(logger, "MESA_htable: table is %s, key %s existed", "cand_ip_detail_htable", _ip); + FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); + + //try to add to dnat + rtn = MESA_htable_add(handle->dnat_htable, (const 
unsigned char *)dnat_key, sizeof(struct session), (void *)dnat_value); + if(rtn < 0 && rtn != MESA_HTABLE_RET_DUP_ITEM) { - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); - pair->ip = cand_ip; - pair->port = port; - //reference + 1, when to -- - struct ip_mgr_cand_ip_detail *cand_ip_detail = NULL; - cand_ip_detail = (struct ip_mgr_cand_ip_detail *)MESA_htable_search(handle->cand_ip_detail_htable, (const unsigned char *)(&cand_ip), sizeof(cand_ip)); - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_queyr_num, FS_OP_ADD, 1); - if(cand_ip_detail == NULL) - { - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); - char _ip[MGW_SYMBOL_MAX]; - mgw_utils_inet_ntoa(cand_ip, _ip); - MGW_LOG_ERROR(logger, "MESA_htable: table is %s, key %s not existed", "cand_ip_detail_htable", _ip); - continue; - } - FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); - cand_ip_detail->reference ++; - *vxlan_info = cand_ip_detail->vxlan_info; - *mrl_ip = cand_ip_detail->mrl_ip; - FREE(&dnat_key); - return pair; + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>, rtn is %d", "dnat_htable", + dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port), rtn); + continue; + } + if(rtn == MESA_HTABLE_RET_DUP_ITEM) + { + MGW_LOG_INFO(logger, "Selected ip and port <%s:%d> conflict", dnat_key_dip, ntohs(dnat_key->dport)); + continue; } + //rtn >= 0, succeed to add to dnat + MGW_LOG_INFO(logger, "MESA_htable: Succeed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "dnat_htable", + dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port)); + FS_operate(fs_handle->handle, fs_handle->line_dnat, 
fs_handle->cloumn_element_num, FS_OP_ADD, 1); + //reference + 1, when to --? + cand_ip_detail->reference ++; + *vxlan_info = cand_ip_detail->vxlan_info; + *mrl_ip = cand_ip_detail->mrl_ip; + FREE(&dnat_key); + return snat_value; } - MGW_LOG_INFO(logger, "Failed to find ip and port, retry times is %d", retry_times - 1); + MGW_LOG_ERROR(logger, "Failed to find ip and port, retry times is %d", retry_times - 1); FREE(&dnat_key); - FREE(&pair); + FREE(&dnat_value); + FREE(&snat_value); return NULL; } @@ -352,9 +391,6 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han char snat_key_sip[MGW_SYMBOL_MAX]; char snat_key_dip[MGW_SYMBOL_MAX]; char snat_value_ip[MGW_SYMBOL_MAX]; - char dnat_key_sip[MGW_SYMBOL_MAX]; - char dnat_key_dip[MGW_SYMBOL_MAX]; - char dnat_value_ip[MGW_SYMBOL_MAX]; mgw_utils_inet_ntoa(snat_key->sip, snat_key_sip); mgw_utils_inet_ntoa(snat_key->dip, snat_key_dip); @@ -396,8 +432,6 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han FREE(&snat_value); return NAT_COVERT_FAILURE; } - mgw_utils_inet_ntoa(snat_key->sip, snat_key_sip); - mgw_utils_inet_ntoa(snat_key->dip, snat_key_dip); MGW_LOG_INFO(logger, "After snat: session is <%s:%d %s:%d %d>", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); *vxlan_info = cand_ip_detail->vxlan_info; 
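Review bot: In snat_value_get the buffer `char _ip[MGW_SYMBOL_MAX];` is filled by `mgw_utils_inet_ntoa(cand_ip, _ip)` only inside the `cand_ip_detail == NULL` branch. The success path then logs it with `"... key %s existed"` while it is still uninitialised. That `%s` reads stack bytes until it happens to meet a NUL, which can put stale stack contents into the log or read past the array. Move the conversion above the check, i.e. put `mgw_utils_inet_ntoa(cand_ip, _ip);` directly after the declaration. Separately, `cand_ip_detail` is used after `MESA_htable_search` returns, and `reference` is incremented with no matching decrement; the in-line comment asks the same question. Now that snat/dnat entries expire, the free callbacks are the natural place to release that reference, and it is worth confirming that a concurrent Maat delete cannot free the detail record while this function still holds the pointer.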
@@ -410,48 +444,18 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han { FS_operate(fs_handle->handle, fs_handle->line_ip_detail, fs_handle->cloumn_cache_miss, FS_OP_ADD, 1); MGW_LOG_INFO(handle->logger, "MESA_htable, key not existed, table is %s, key is %s", "cand_ip_detail_htable", snat_value_ip); - //if session exists in sant but ip is valid. del session from snat and dnat + //if session exists in sant but ip is valid. del session from snat, do not del dnat rtn = MESA_htable_del(handle->snat_htable, (const unsigned char *)(snat_key), sizeof(struct session), NULL); - // data may be freed because of expire if(rtn < 0 && rtn != MESA_HTABLE_RET_NOT_FOUND) { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, errno is %d, table is %s, key is <%s:%d %s,%d, %d>", rtn, "snat_htable", + MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, rtn is %d, table is %s, key is <%s:%d %s,%d, %d>", rtn, "snat_htable", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); FREE(&snat_key); FREE(&snat_value); return NAT_COVERT_FAILURE;; } - if(rtn >= 0) - { - FS_operate(fs_handle->handle, fs_handle->line_snat, fs_handle->cloumn_element_num, FS_OP_ADD, -1); - } - MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, key is <%s:%d %s,%d, %d>", "snat_htable", + MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, key is <%s:%d %s,%d, %d>", "snat_htable", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); - struct session *dnat_key = ALLOC(struct session, 1); - dnat_key->sip = snat_key->dip; - dnat_key->sport = snat_key->dport; - dnat_key->dip = snat_value->ip; - dnat_key->dport = snat_value->port; - dnat_key->proto = snat_key->proto; - mgw_utils_inet_ntoa(dnat_key->sip, dnat_key_sip); - mgw_utils_inet_ntoa(dnat_key->dip, dnat_key_dip); - rtn = MESA_htable_del(handle->dnat_htable, (const unsigned char *)(dnat_key), 
sizeof(struct session), NULL); - if(rtn < 0 && rtn != MESA_HTABLE_RET_NOT_FOUND) - { - MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, errno is %d, table is %s, key is <%s:%d %s,%d, %d>", rtn, "dnat_htable", - snat_key_sip, ntohs(dnat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); - FREE(&snat_key); - FREE(&snat_value); - FREE(&dnat_key); - return NAT_COVERT_FAILURE;; - } - if(rtn >= 0) - { - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_element_num, FS_OP_ADD, -1); - } - MGW_LOG_INFO(handle->logger, "MESA_htable: Succeed at del, table is %s, key is <%s:%d %s,%d, %d>", "dnat_htable", - snat_key_sip, ntohs(dnat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); - FREE(&dnat_key); } } //do snat 
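Review bot: After this change a session whose candidate IP is no longer in `cand_ip_detail_htable` is removed from `snat_htable` only, so the reverse entry in `dnat_htable` stays live until the table's expiry fires. During that window nat_dest_convert will presumably still translate inbound packets addressed to the withdrawn IP and port back to the internal client. With an expire time of 0 (the old default in the removed htable_opt_init), the entry would never go away. If relying on the timeout is intentional, say so next to the delete, e.g. `//dnat entry is left to expire; requires a non-zero expire time for dnat_htable`, and check that setting at start-up. Otherwise keep the explicit dnat delete. Also, `Succeed at del` is now logged when `rtn == MESA_HTABLE_RET_NOT_FOUND`; guarding it with `if(rtn >= 0)` would keep the log truthful. The enclosing function starts and ends outside this hunk.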
@@ -464,20 +468,20 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han if(user_name != NULL) { FS_operate(fs_handle->handle, fs_handle->line_ip2user, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); - snat_value = snat_pair_get(handle, _ip_mgr_handle, user_name, snat_key, vxlan_info, mrl_ip); + snat_value = snat_value_get(handle, _ip_mgr_handle, user_name, snat_key, vxlan_info, mrl_ip); if(snat_value == NULL) { FREE(&snat_key); FREE(&snat_value); return NAT_COVERT_FAILURE; } - //add sess to snat, dnat + //add sess to snat rtn = MESA_htable_add(handle->snat_htable, (const unsigned char *)(snat_key), sizeof(struct session), (const void*)snat_value); mgw_utils_inet_ntoa(snat_value->ip, snat_value_ip); if(rtn < 0) { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "snat_htable", - snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto, snat_value_ip, ntohs(snat_value->port)); + MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>, rtn is %d", "snat_htable", + snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto, snat_value_ip, ntohs(snat_value->port), rtn); FREE(&snat_key); FREE(&snat_value); return NAT_COVERT_FAILURE; 
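Review bot: snat_value_get now inserts the dnat entry and bumps `cand_ip_detail->reference` before returning, but the `if(rtn < 0)` path after the `snat_htable` add only frees `snat_key` and `snat_value`. A failed snat insert, including a duplicate from a concurrent packet of the same session, therefore leaves an orphaned reverse mapping in `dnat_htable` with no forward entry, and a reference that is never released. The error path should undo the dnat insert before returning, as sketched below. The key is rebuilt the same way the removed code built it and is zeroed first, because the table compares raw bytes. nat_src_convert begins and ends outside this hunk.

```cpp
if(rtn < 0)
{
    // … unchanged: MGW_LOG_ERROR for the failed snat_htable add …
    // undo the dnat entry that snat_value_get() already inserted
    struct session dnat_key;
    memset(&dnat_key, 0, sizeof(dnat_key));
    dnat_key.sip = snat_key->dip;
    dnat_key.sport = snat_key->dport;
    dnat_key.dip = snat_value->ip;
    dnat_key.dport = snat_value->port;
    dnat_key.proto = snat_key->proto;
    MESA_htable_del(handle->dnat_htable, (const unsigned char *)&dnat_key, sizeof(dnat_key), NULL);
    // … unchanged: FREE(&snat_key); FREE(&snat_value); return NAT_COVERT_FAILURE; …
}
```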
@@ -485,38 +489,12 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han FS_operate(fs_handle->handle, fs_handle->line_snat, fs_handle->cloumn_element_num, FS_OP_ADD, 1); MGW_LOG_INFO(logger, "MESA_htable: Succeed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "snat_htable", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto, snat_value_ip, ntohs(snat_value->port)); - struct session *dnat_key = ALLOC(struct session, 1); - dnat_key->sip = snat_key->dip; - dnat_key->sport = snat_key->dport; - dnat_key->dip = snat_value->ip; - dnat_key->dport = snat_value->port; - dnat_key->proto = snat_key->proto; - struct ip_port_pair *dnat_value = ALLOC(struct ip_port_pair, 1); - dnat_value->ip = snat_key->sip; - dnat_value->port = snat_key->sport; - mgw_utils_inet_ntoa(dnat_key->sip, dnat_key_sip); - mgw_utils_inet_ntoa(dnat_key->dip, dnat_key_dip); - mgw_utils_inet_ntoa(dnat_value->ip, dnat_value_ip); - rtn = MESA_htable_add(handle->dnat_htable, (const unsigned char *)(dnat_key), sizeof(struct session), (const void*)dnat_value); - if(rtn < 0) - { - MGW_LOG_ERROR(logger, "MESA_htable: Failed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "dnat_htable", - dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port)); - FREE(&snat_key); - FREE(&dnat_key); - FREE(&dnat_value); - return NAT_COVERT_FAILURE; - } - FS_operate(fs_handle->handle, fs_handle->line_dnat, fs_handle->cloumn_element_num, FS_OP_ADD, 1); - MGW_LOG_INFO(logger, "MESA_htable: Succeed at add to %s, key is <%s:%d %s,%d, %d>, value is <%s, %d>", "dnat_htable", - dnat_key_sip, ntohs(dnat_key->sport), dnat_key_dip, ntohs(dnat_key->dport), dnat_key->proto, dnat_value_ip, ntohs(dnat_value->port)); packet_src_replace(buff, len, snat_value); rtn = sess_get_from_packet(buff, len, snat_key); if(rtn == -1) { MGW_LOG_ERROR(logger, "Failed at parse packet, len is 
%d", len); FREE(&snat_key); - FREE(&dnat_key); return NAT_COVERT_FAILURE; } mgw_utils_inet_ntoa(snat_key->sip, snat_key_sip); @@ -524,7 +502,6 @@ int nat_src_convert(struct nat_handle *handle, struct ip_mgr_handle *_ip_mgr_han MGW_LOG_INFO(logger, "After snat: session is <%s:%d %s:%d %d>", snat_key_sip, ntohs(snat_key->sport), snat_key_dip, ntohs(snat_key->dport), snat_key->proto); FREE(&snat_key); - FREE(&dnat_key); return NAT_COVERT_SUCCESS; } else @@ -548,7 +525,7 @@ int nat_dest_convert(struct nat_handle *handle, char *buff, int len) int rtn = sess_get_from_packet(buff, len, dnat_key); if(rtn == -1) { - MGW_LOG_ERROR(logger, "Failed at parse packet, packet len is %d", len); + MGW_LOG_ERROR(logger, "Failed at nat_dest_convert: parse packet failed, packet len is %d", len); FREE(&dnat_key); return NAT_COVERT_FAILURE; } @@ -575,7 +552,7 @@ int nat_dest_convert(struct nat_handle *handle, char *buff, int len) rtn = sess_get_from_packet(buff, len, dnat_key); if(rtn == -1) { - MGW_LOG_ERROR(logger, "Failed at parse packet, len is %d", len); + MGW_LOG_ERROR(logger, "Failed at nat_dest_convert: parse packet failed, packet len is %d", len); FREE(&dnat_key); return NAT_COVERT_FAILURE; } diff --git a/access/src/udp_server.cpp b/access/src/udp_server.cpp index 52d9ca7..bcf8547 100644 --- a/access/src/udp_server.cpp +++ b/access/src/udp_server.cpp @@ -48,7 +48,6 @@ void * thread_udp_server(void *args) int rtn = nat_dest_convert(_nat_handle, buff, len); if(rtn == NAT_COVERT_FAILURE) { - //MGW_LOG_INFO(logger, "Failed to nat_dest_convert"); continue; } //write to tun diff --git a/access/src/vpn_monitor.cpp b/access/src/vpn_monitor.cpp index 9114b72..68d9c89 100644 --- a/access/src/vpn_monitor.cpp +++ b/access/src/vpn_monitor.cpp 
@@ -34,7 +34,7 @@ static long ip2user_cb_to_del_key(void *data, const uchar *key, uint size, void FS_operate(fs_handle->handle, fs_handle->line_ip2user, fs_handle->cloumn_cache_hit, FS_OP_ADD, 1); MGW_LOG_INFO(handle->logger, "MESA_htable: key existed, table is %s, key is %s", "ip2user_htable", _key); int rtn = MESA_htable_del(handle->ip2user_htable, key, size, NULL); - if(rtn != 0) + if(rtn < 0) { MGW_LOG_ERROR(handle->logger, "MESA_htable: Failed at del, errno is %d, table is %s, key is %s", rtn, "ip2user_htable", _key); return HTABLE_QUERY_CB_FAILURE; |
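Review bot: The failure log directly under the changed condition still prints `errno is %d` for a value that is the MESA_htable return code, while the rest of this commit renames that label to `rtn is %d`. For consistency, and so nobody looks up the number as a system errno, change it to `"MESA_htable: Failed at del, rtn is %d, table is %s, key is %s"`. With `rtn < 0`, positive return values are now treated as success; a short comment stating what a positive return from `MESA_htable_del` means would make that intent clear. The callback body continues outside the hunk.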
